Jérôme Segura
Lead Malware Intelligence Analyst

Security researcher with a focus on malvertising, exploits, and scams. French; appreciates wine, bread, and cheese.

September 20, 2016 - The website for Just For Men, a company that sells various products for men, had their website breached and was serving a password stealing Trojan. The malicious code embedded in the WordPress site was part of the EITest campaign and pushed the RIG exploit kit.

CONTINUE READING2 Comments

September 13, 2016 - With a rise in malvertising attacks lately, we take a look at an ad server pushing the Afraidgate, traditionally found on compromised sites.

CONTINUE READINGNo Comments

August 29, 2016 - This post covers the information disclosure bugs in Internet Explorer and Edge that we sometimes refer to as 'fingerprinting'. We review past flaws as well as a currently unpatched one used in the wild before exploring some long term mitigations.

CONTINUE READINGNo Comments

August 25, 2016 - In this article we take a look at some tricks that target Google Chrome users to dupe them with the infamous tech support scam pop ups. In particular, we examine the fake address bar and alert dialogs which people have come to trust and yet can be deceiving.

CONTINUE READING1 Comment

August 15, 2016 - Something unusual happened in the exploit kit ecosystem. Two well-known malware distribution campaigns switched from Neutrino EK to RIG EK. A temporary blip or a more durable change? Only time will tell.

CONTINUE READINGNo Comments

Select your language